Call to retrieve messages from an authenticated subscriber 33

Assumptions: The caller is authenticated using UserA’s credentials.

"sip:UserA-retrieve-auth@vm.wcom.com" maps to UserA’s mailbox and the behavior of "retrieve messages." The voice mail service trusts the proxy not to forward any calls to that URI unless the call is authenticated to be from UserA.

Given these assumptions, The VM service may choose not require a PIN for calls to this URI.

User A Proxy VM Service | | | | INVITE F1 | | |--->| | | | INVITE F2 | | (100 Trying) F3 |--->|

|<---| | | | 200 OK F4 | | 200 OK F5 |<---|

|<---| | | | | | ACK F6 | | |--->| ACK F7 | | |--->|

| | | | RTP Both Ways - Deposit Msg for B | |<-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m->|

| | | | BYE F8 | | |--->| BYE F9 | | |--->|

| | | | | 200 OK F10 | | |<---|

| 200 OK F11 | | |<---| | | | | Flow Id Comments

INVITE F1 INVITE sip:VoiceMail@wcom.com SIP/2.0 A->Proxy Via: SIP/2.0/UDP here.com:5060

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>

Call-Id: 12345600@here.com CSeq: 1 INVITE

Contact: TheBigGuy <sip:UserA@here.com>

Proxy-Authorization:Digest username="UserA", realm="MCI WorldCom SIP",

nonce="ea9c8e88df84f1cec4341ae6cbe5a359", opaque="", uri="sip:VoiceMail@wcom.com", response=<appropriately calculated hash goes here>

Content-Type: application/sdp

Content-Length: <appropriate value>

v=0

o=UserA 2890844526 2890844526 IN IP4 client.here.com s=Session SDP

c=IN IP4 100.101.102.103 t=0 0

m=audio 49170 RTP/AVP 0 a=rtpmap:0 PCMU/8000

/*Client for A prepares to receive data on port 49170 from the network. */

INVITE F2 INVITE sip:UserA-retrieve-auth@vm.wcom.com SIP/2.0 Proxy->B1 Via: SIP/2.0/UDP wcom.com:5060; branch=1

Via: SIP/2.0/UDP here.com:5060

Record-Route: <sip:VoiceMail@wcom.com>

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>

Call-Id: 12345600@here.com CSeq: 1 INVITE

Contact: TheBigGuy <sip:UserA@here.com>

Content-Type: application/sdp

Content-Length: <appropriate value>

v=0

o=UserA 2890844526 2890844526 IN IP4 client.here.com s=Session SDP

c=IN IP4 100.101.102.103 t=0 0

m=audio 49170 RTP/AVP 0 a=rtpmap:0 PCMU/8000 (100 Trying SIP/2.0 100 Trying

F3 Via: SIP/2.0/UDP here.com:5060

Proxy->A) From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>

Call-Id: 12345600@here.com CSeq: 1 INVITE

Content-Length: 0 200 OK F4 SIP/2.0 200 OK

VM->Proxy Via: SIP/2.0/UDP wcom.com:5060; branch=1 Via: SIP/2.0/UDP here.com:5060

Record-Route: <sip:VoiceMail@wcom.com>

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>;tag=3145678 Call-Id: 12345600@here.com

CSeq: 1 INVITE

Contact: VoiceMailSystem auth@vm.wcom.com>

Content-Type: application/sdp

Content-Length: <appropriate value>

v=0

o=UserB 2890844527 2890844527 IN IP4 vm.wcom.com s=Session SDP

c=IN IP4 110.111.112.114 t=0 0

m=audio 3456 RTP/AVP 0 a=rtpmap:0 PCMU/8000 200 OK F5 SIP/2.0 200 OK

Proxy->A Via: SIP/2.0/UDP here.com:5060

Record-Route: <sip:VoiceMail@wcom.com>

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>;tag=3145678 Call-Id: 12345600@here.com

CSeq: 1 INVITE

Contact VoiceMailSystem <sip: auth@vm.wcom.com>

Content-Type: application/sdp

Content-Length: <appropriate value>

v=0

o=UserB 2890844527 2890844527 IN IP4 vm.wcom.com s=Session SDP

c=IN IP4 110.111.112.114 t=0 0

m=audio 3456 RTP/AVP 0 a=rtpmap:0 PCMU/8000

ACK F6 ACK sip:VoiceMail@wcom.com SIP/2.0 A->Proxy Via: SIP/2.0/UDP here.com:5060

Route: <sip:UserA-retrieve-auth@vm.wcom.com>

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>;tag=3145678 Call-Id: 12345600@here.com

CSeq: 1 ACK

Content-Length: 0

ACK F7 ACK sip:UserA-retrieve-auth@vm.wcom.com SIP/2.0 Proxy->VM Via: SIP/2.0/UDP wcom.com:5060

Via: SIP/2.0/UDP here.com:5060

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>; tag=3145678 Call-Id: 12345600@here.com

CSeq: 1 ACK

Content-Length: 0

/* RTP streams are established between A and VM. VM determines that the call is likely from UserA, and starts a message retrieval session. Since the proxy has already authenticated the identity of UserA, the VM does not need to prompt for PIN. */

/* User A Hangs Up with VM system. Alternatively, the VM system could initiate the BYE*/

BYE F8 BYE sip:VoiceMail@wcom.com SIP/2.0 A->Proxy Via: SIP/2.0/UDP here.com:5060

Route:<sip:UserA-retrieve-auth@vm.wcom.com>

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>;tag=3145678 Call-Id: 12345600@here.com

CSeq: 2 BYE

Content-Length: 0

BYE F9 BYE sip: UserA-retrieve-auth@vm.wcom.com SIP/2.0 Proxy->VM Via: SIP/2.0/UDP wcom.com:5060

Via: SIP/2.0/UDP here.com:5060

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>;tag=3145678 Call-Id: 12345600@here.com

CSeq: 2 BYE

Content-Length: 0 200 OK F10 SIP/2.0 200 OK

VM->Proxy Via: SIP/2.0/UDP wcom.com:5060 Via: SIP/2.0/UDP here.com:5060

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>;tag=3145678 Call-Id: 12345600@here.com

CSeq: 2 BYE

Content-Length: 0 200 OK F11 SIP/2.0 200 OK

Proxy->A Via: SIP/2.0/UDP here.com:5060

From: TheBigGuy <sip:UserA@here.com>

To: VoiceMail <sip:VoiceMail@wcom.com>;tag=3145678 Call-Id: 12345600@here.com

CSeq: 2 BYE Content-Length: 0

5. Security Considerations

This document discusses a usage of SIP/2.0 as defined by RFC 2543[1].

It introduces no additions, modifications, or restrictions to the protocol defined therein. Any implementation of the concepts in this document is subject to the issues discussed there.